svn commit: r282342 - head/usr.bin/col
Baptiste Daroussin
bapt at FreeBSD.org
Sat May 2 12:22:25 UTC 2015
Author: bapt
Date: Sat May 2 12:22:24 2015
New Revision: 282342
URL: https://svnweb.freebsd.org/changeset/base/282342
Log:
Capsicumize col(1)
Modified:
head/usr.bin/col/col.c
Modified: head/usr.bin/col/col.c
==============================================================================
--- head/usr.bin/col/col.c Sat May 2 12:19:24 2015 (r282341)
+++ head/usr.bin/col/col.c Sat May 2 12:22:24 2015 (r282342)
@@ -45,11 +45,15 @@ static char sccsid[] = "@(#)col.c 8.5 (B
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
+#include <sys/capsicum.h>
+
#include <err.h>
+#include <errno.h>
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <termios.h>
#include <unistd.h>
#include <wchar.h>
#include <wctype.h>
@@ -129,9 +133,24 @@ main(int argc, char **argv)
int this_line; /* line l points to */
int nflushd_lines; /* number of lines that were flushed */
int adjust, opt, warned, width;
+ cap_rights_t rights;
+ unsigned long cmd;
(void)setlocale(LC_CTYPE, "");
+ cap_rights_init(&rights, CAP_FSTAT, CAP_READ);
+ if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS)
+ err(1, "unable to limit rights for stdin");
+ cap_rights_init(&rights, CAP_FSTAT, CAP_WRITE, CAP_IOCTL);
+ if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS)
+ err(1, "unable to limit rights for stdout");
+ cmd = TIOCGETA; /* required by isatty(3) in printf(3) */
+ if (cap_ioctls_limit(STDOUT_FILENO, &cmd, 1) < 0 && errno != ENOSYS)
+ err(1, "unable to limit ioctls for stdout");
+
+ if (cap_enter() < 0 && errno != ENOSYS)
+ err(1, "unable to enter capability mode");
+
max_bufd_lines = 128;
compress_spaces = 1; /* compress spaces into tabs */
while ((opt = getopt(argc, argv, "bfhl:px")) != -1)
More information about the svn-src-all
mailing list